HackDig : Dig high-quality web security articles

The npm netmask vulnerability explained so you can actually understand it

The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual ipv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects that rely on netmask to filter or evaluate ipv4 block ranges, b
Publish At:2021-03-31 12:16 | Read:769 | Comments:0 | Tags:Exploits and vulnerabilities cidr CVE-2021-28918 decimal dns

Android Native API Hooking with Library Injection and ELF Introspection.

This post can be considered both the part 2 of the previous "Dynamically inject a shared library into a running process on Android/ARM" and a proof of concept of the same, namely what can be done with library injection on Android. TL;DR I've updated the source code of the arminject project on github adding a library that once injected into a process will
Publish At:2015-05-04 23:30 | Read:7614 | Comments:0 | Tags:hooking api hooking library android injection elf relocation

Dynamically inject a shared library into a running process on Android/ARM

If you're familiar with Windows runtime code injection you probably know the great API CreateRemoteThread which lets us force an arbitrary running process to call LoadLibrary and load a DLL into its address space, this technique called DLL Injection is often used to perform user space API hooking, you can find a good post about it on Gianluca Braga's blog.
Publish At:2015-05-02 05:45 | Read:6417 | Comments:0 | Tags:hooking api hooking library android injection ptrace remote

RuberTooth - A complete Ruby porting of the ubertooth libraries and utilities.

Today, finally my ubertooth arrived and I immediately started hacking with it. I installed its libraries and tools both on OS X and on my Linux virtual machine, and after a while I noticed a few things: The compilation process is not well documented for newer versions of OS X, thus manual code patching here and there is required. Some of the tools are o
Publish At:2015-02-13 02:10 | Read:4328 | Comments:0 | Tags:hack library BLE bluetooth low energy bluetooth ubertooth ru

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud